Examiner search history (EAST search log, recovered from a flattened table; fields that were cut off in extraction are marked and left as they appeared):

- (ref. not recovered) | databases: US-PGPUB; EPO; JPO; DERWENT; IBM_TDB | 2005/04/06 11:37
- S4 | 38 hits | "S3 and computer and trust$4 and" (query cut off) | US-PGPUB; USPAT; USOCR; EPO; JPO; DERWENT; IBM_TDB | default operator OR | plurals ON | 2005/04/04 10:08
- S5 | 4251 hits | 713/200,201.ccls. 709/223.ccls. | USPAT | 2005/04/04 10:25
- S6 | 704 hits | "... network" (query cut off) | USPAT
- (ref. not recovered) | 81 hits | "computer and (access adj control" (query cut off) | USPAT | plurals ON | 2005/04/04 15:41
1. In a communication system having a plurality of networks, a method of achieving 
network separation between first and second networks comprising: 

Defining the first network with a first degree of trust; 

Defining the second network with a second degree of trust that is lower than the 
first degree of trust; 

Enabling communication between first and second networks via a network 
interface system using a communication protocol implemented in an application layer of 
a communication protocol stack; and 

Enabling data communication from the second network to the first network while 
minimizing data communication from the first network to the second network. 

2. The method of claim 1, further comprising: 

Enabling applications operating on the second network to pass information to 
applications operating on the first network; and 

Configuring the network interface system into first and second regions for 
performing respective processing tasks of the first and second networks. 

3. The method of claim 2, wherein the configuring includes implementing the network 
interface system with distinct sets of first and second processors, the first and second 
processors having a shared memory. 

4. The method of claim 3, further comprising: 

Defining addresses in a user configuration table of the network interface system; 
accepting information sent from the second network and only from addresses matching 
the addresses defined in the user configuration table; 

Configuring a protocol for use with the network interface system such that only 
valid connection requests are initiated via the protocol. 

5. The method of claim 4, wherein the network interface system protocol enforces 
connection limits on data transfer to prevent saturation of the network interface system by 
a connection initiated from the second network. 

6. The method of claim 4, further comprising: 

Enabling communications between the first and second regions via an 
interprocessor communication channel; 

Enabling data communication from the second network to the first network via 
the interprocessor communication channel; 

Configuring the interprocessor communication channel to communicate moving 
averages from the first network to the second network; and 

Configuring the network interface system to prevent the shared memory from 
overflowing by controlling the rate at which messages are acknowledged by the network 
interface system. 

7. The method of claim 6, wherein the rate of acknowledgments is probabilistic, derived 
from a mean rate based on a moving average of the rate at which the first network is 
accepting messages from the second network. 

8. The method of claim 4, further comprising: 

Configuring an application program loaded in the network interface system to 
support the protocol such that each application on the first and second networks using the 
network interface system communicates with a first and second application program 
interfaces, respectively, of the first and second networks. 

9. The method of claim 8, further comprising: 

Accepting acknowledgments, at the application protocol layer, for messages 
transmitted from the network interface system to the first network; 

Communicating acknowledgment data from the network interface system to the 
second application program interface, the acknowledgments delivered in a fixed, 
predefined format; and 

Wherein the acknowledgments provided to the second application program 
interface indicate that the network interface system successfully received the data to be 
transmitted and stored it in the shared memory, and wherein the acknowledgment data is 
generated by the network interface system. 

10. The method of claim 9 wherein, for each active connection, a distinct variable is 
maintained that reflects a moving average of the time it takes for the first application 
program interface to accept messages from the second network; 

Randomly delaying messages received from the second application program 
interface over the active connection based on the moving average using a random 
variable of a pseudo-exponential or similar type; and 

Receiving messages at the application layer, wherein information flow from the 
first application program interface to the second application program interface occurs 
through changes in values of the moving average. 

11. A network separation method for achieving network separation between first and 
second networks of a communication system, comprising: 

Providing a computer server configured to have a communication protocol stack 
implemented in an application layer; and 

Enabling data communication from the second network to the first network via 
the computer server, the first network having a higher degree of trust than the second 
network, and wherein rate of acknowledgment of messages by the computer server is 
probabilistic derived from a mean rate based on a moving average of the rate at which the 
first network accepts messages sent from the second network. 

12. The method of claim 11, further comprising: 

Configuring the server into first and second regions for performing respective 
processing tasks of the first and second networks, wherein the configuring includes 
implementing the server with distinct sets of first and second processors and distinct sets 
of first and second memory, and the first and second processors having a shared memory; 

Defining addresses in a user configuration table configured in the server; and 
accepting information sent from the second network and only from addresses matching 
the addresses defined in the user configuration table. 

13. The method of claim 12, further comprising: 

Configuring a communication protocol for use with the server such that only valid 
connection requests are initiated via the protocol, and wherein the server is configured to 
communicate moving averages from the first network to the second network, and wherein 
the protocol is configured to enforce connection limits on data transfer to prevent 
saturation of the server by a connection initiated from the second network. 

14. A system for achieving network separation between first and second networks of a 
communication system, comprising: 

A first processor for processing information from the first network; 

A second processor for processing information from the second network, the first 
network having a higher degree of trust than the second network; and 

Wherein a rate of acknowledgment of messages by the system is probabilistic 
derived from a mean rate based on a moving average of the rate at which the first 
network accepts messages sent from the second network. 

15. The system of claim 14, further comprising: 

An interface configured to enable communications from the second network to 
the first network, and selectively route information from the first network to the second 
network; 

A communication protocol stack implemented in an application layer; and 
first and second application program interfaces configured to interface with application 
programs of first and second networks, respectively. 

16. The system of claim 15, wherein the first processor has first memory, the second 
processor has second memory, and the first and second processors have a shared 
memory. 

17. The system of claim 16, wherein a user configuration table holding address information, 
such that the first network accepts information sent from the second network only from 
addresses matching the addresses defined in the user configuration table, is provided 
from the first processor and first memory to the second processor and second memory 
through the shared memory. 

18. The system of claim 17, wherein the protocol enforces connection limits on data 
transfer to prevent saturation of the system by a connection initiated from the second 
network, and wherein the interface is configured to communicate a value based on the 
moving averages from the first network to the second network, and to prevent the high 
memory from overflowing by controlling the rate at which messages are acknowledged 
by the system. 

19. The system of claim 18, wherein for each active connection, the system maintains a 
distinct variable that reflects a moving average of the time it takes for the first application 
program interface to accept messages from the second network, and messages received 
from the second application program interface are delayed based on the moving average 
using a random variable of a pseudo-exponential or similar type, and further wherein 
information flow from the first application program interface to the second application 
program interface occurs through changes in the moving average values. 

20. A network separation system for achieving network separation between first and 
second networks of a communication system, comprising: 

Means for providing a computer server configured to have a communication 
protocol stack implemented in an application layer; and 

Means for enabling data communication from the second network to the first 
network via the computer server, the first network having a higher degree of trust than the 
second network, and wherein the rate of acknowledgment of messages by the computer 
server is probabilistic with a mean rate based on a moving average of the rate at which 
the first network accepts messages sent from the second network. 